Troglodite feces by itself is probably pretty innocuous. But if you were to mix it with SARS, I'd be willing to bet the combination would kick your ass. Slide down that scale, troll. Take your bitching to news://alt.my.pussy.hurts or similar.
Actually, wanker, I do have a programming tip... go do some instead of pestering folks who have work to do. I had never come across a pxe variant of GRUB and so I asked the question, as pxeLinux does most of what I need at my job, but I'm still not knocked out. I myself have gotten over the need to pretend there is nothing I don't know or can't learn from another. If you are so damned well-versed in everything, why the hell do you bother with/.? It's rarely entertaining, and it can't be very informative for someone with your gargantuan intellect and endless expertise. You must have very little to do indeed if this is your form of entertainment. As ever, I am serious.
BTW... I never said I don't program... I said I'm not a programmer, as in that is not what I get paid to do. Of course, by that criteria, you could claim you're not a wanker.
Oooh, pxeGRUB... do tell. I have been using syslinux/pxelinux, but I was kinda hoping the U in GRUB was not a misnomer. Sine I use GRUB on all my non-netbooting *Xs, I did want to use it for netbooting but hadn't found the way. I guess now that I have the names, I can google with the best of them. Thanks for helping out.
I'm not sure I get your point, fwad. That was exactly the point of my first post, so what's your argument with me, regurgitator? And I never said I "figured out" anything. I said some developers have to be bitch-slapped to stop doing it. Others have to be bitch-slapped for other various reasons, but I'm sure you can cite a list from personal experience far longer than any I can imagine. Four replies to a single post.... must've struck a nerve.
Oh one more thing, to answer your question... I work with... ... YOUR MOTHER!
Seriously, though. I thought you'd given up on me. Thank God I was mistaken. It's so cute how you put your utterly baseless arguments and assumptions as to my intelligence, attitude, aptitude and skill in one AC post and your vain libel in another in the attempt to appear as two separate ACs. Truth told, you don't really even constitute a half poster, much less more than one.
Nice to know that I can put some bait out there and get you to waste some time in reply. The difference is I can troll you and still provide decent enough conversation/info to be worth something to the whole discussion.
No, I don't profess to be a coder. I went into systems to avoid any coding that requires thinking above the scripting level. That's just it. I'm amazed that some folks who base their entire livelihood on their ability to design and implement applications have so little a clue of how to do it.
You imply your own system architecture understanding and application design skillz are at least competent by attempting to impugn mine. Well, then you should think a little harder, buggar. Just creating an SSL session to keep your info safe on the wire doesn't begin to mitigate the problem with this exploit (um, geez, that's such an official word for what in this case boils down to URL-tampering... I thought enough work went into web app design today that URL-tampering was an extinct attack vector). That was my whole point earlier. Any idiot who can examine the hyperlink can imagine the attack method, So just observing normal operation within the app itself is enough to figure out that this is wider open than your pouting rictus in the proximity of the PFY.
You want code samples? There's nothing I do in any of my code that isn't easily derived from a five-minute google for whatever it is you're trying to do. You want some enlightening secrets about the super-secret world of locking down a server? Sorry, all I have is what's freely available from the usual sources, you know, bugtraq, the NSA, honeynet discussion lists, etc. No magic bullets. You caught me. What a fraud I've perpetrated.
I don't know where you get off trying to paint me as some kind of Steve Gibson or the like, but it sure is funny to watch you fail at cogent sentience in the process. I swear, when you get all worked up, it's like watching de-volution at work. Are we not men? The difference between your motivation and mine for carrying on this converstion is this... You do it just to antagonize me, but I actually believe there is hope for you one day to look at something more open-mindedly than you currently do. You egg me on because you believe my kind will never change. I reply becuase I retain hope that yours one day will. That's the beauty in the Dawn of Man... it happens every day somewhere. And once it happens to you, you can make it happen over and over for others.
Fortunately for me, the boss and the two major PMs have learned to take me seriously on the subject. The boss just knows what he sees when the systems get audited; the PMs know it because they used to be core developers and I helped them fix the holes that got shot in their app designs.
My problem is with some of the developers that have come in since that time to fill the slots left open as these two guys moved up to PMs and the projects expanded at the same time. What you end up with is twice as many folks working at the code level with half as much understanding of where the projects began, their roots. That's where a lot of bad decisions get made. And a lot of these new developers know how to make code do the basic stuff, but they don't have the knack for application design that the original architects did. And they think the only folks on par to tell them what their code should or shouldn't do (or even how to validate that it does operate as expected while developing) are the PMs or The Boss. Like I said, it is lucky for me those individuals listen to me now. Many of my disagreements with these dev guys have ended up nearly in fisticuffs, and they are much bigger than I am. And there's a lot of them compared to just me.
No, you're right on. We agree to the letter. Obscuring by naming is not security. Obscuring by hiding it in the header is not security. And any serious malevolent is sniffin' ya or otherwise intercepting your transmissions to understand where to find what he wants of your data before he ever tries an exploit in a browser, telnet client, or even a custom app designed specifically to generate exactly the kind of packets your app expects to see. When I said "at least have the decency to..." I guess I should've prepended with "there is never a time when you should, but..."
In a more general sense, what I was saying was "at least make 'em analyse packets to figure it out, don't let any dumbass who knows how to hover a link or "view > source" tell you how stupid you are. At least put up some kind of fight. Many of the coders here have had to be browbeaten about this. Some of them argue "My job is just to make this work. You make it secure." I have to make them understand that nothing can secure bad code. Sometimes I have to all but rewrite their code (or worse, redesign the app flow) to show them what's secure. And half the time, they come back and ask "OK, why is that better? My way is easier."
I'm serious. Developers who really take security seriously to the extent that they design it into the app as opposed to "spray it on" after the fact are rare in the commercial world, unless they are working on products/projects that are specifically security-related. No one else seems to get it and they think it is infrastructure's job to make the insecure app secure. Good admins are so underpaid...
I usually stand up for the Redmond boys if there's some bashing going on and not alot of balance to the issue. But this is just an incredibly stupid hole to have open. Why would you ever, ever, ever pass details in the URL string that the user himself need not (and should not be allowed to) supply? If it is because you are passing it among servers in some fancy-schmancy web service scheme, then at least have the decency to hide the exploitable name/value pair in an http header or something (but even this should not be necessary for what they are doing , even if my guess as to how their backend works is wayyy offbase). Somebody said it earlier in the discussion that it is because developers (using the term lightly) add features without thinking of how to do it right and how to do it securely and just pass any old thing in the URL string, and they were right on the mark.
Some coders (again using the term loosely) at my organization used to do this absolutely all the time and I would bitch about how piss poor it was from a security angle (and regularly demonstrate how easy it was to circumvent the intended "security" mechanisms). Everybody laughed at me when I did... that is until one of our largest customers hired an outside firm to audit the "security" of the apps they were getting. It took the firm very little time to discover these nuggets, of course. It is interesting to note that they reported that the application security was among the poorest they had seen, but that the server configurations (my department) were among the tightest. The sad thing is the stupid customer basically thought the two canceled each other out, threw some extra money at redesigning the application to meet the standards it should have to begin with, rewarded our systems team which had done it right the first time with absolutely squat, and renewed the contract for another five years. Shows you how much the corporate world understands what's really going on.
Hey... thanks for using the proper term. Today, all the S/W-only n00bs all think it is vocoRder just because the plugin makers didn't use the proper vernacular. The original effect was produced by what was called a vocoder. It should be noted that the obvious pitch-shifting was the *desired* effect. Similar in some respects to how one used the "talk box" to turn the shape of the oral cavity into a parametric EQ sweep for the output of a guitar amp, then fed into a vocal mic. Nice to know someone out there remembers the good ol' days.
Troll, I don't know what I did to piss in your cornflakes, but please tell me so I can script it and do it every ten minutes. Go away and if you come back, I dare you to post as yourself.
OMFG, LOFL & ROTF! Yes, I actually read it all and the mirth was the worth. Thank you, AfC, for demonstarting that you have the aptitude to commit the same verbicide of which you accuse me but of which you offer no evidence and of which none can I find. If you want anyone to take you seriously (and that would be a very high ambition for you, maybe unrealistic), try posting with some identity and get back to the discussion at hand. BTW anyone can get transciptions of the minutes from their local demagoguery's meetings and do find and replace; that does not equal original thinking or speaking. But it is one way to learn the language. FOAD.
You imply a disparity in your years of experience and mine and I do not doubt that. Judging from the maturity level of your posts, you don't have as many years breathing as I have of industry experience.
Say what you want about Lotus, but I will never use it again. And yes, that implies I have before. Solaris has generally performed well for me... it's just the on-again, off-again attitude towards x86 that makes me leery of ongoing support from Sun.
You assume you make more than me, and maybe you do (there's alot of people paying too much for too little out there) but you really shouldn't assume it because you are likely wrong. It matters not though, because I am secure in my career and my craft. You also assume I don't have a consulting biz of my own or "can't get a client". Whatever. If you feel it necessary to carry on this bullshit troll, go ahead. You're in my killfile.
Actually, you are off-base in places and off in others.
Of course I'm not using something that went gold (and that's MS's definition of gold, so take the grain of salt because you know ymmv) weeks ago in a production environment. I'm lazy, not stupid.
No, I'm not a Tom/Kyle/Anand type, but I do have to keep on top of the latest OS releases. I do have to evaluate the pros and cons of each release and figure out if it is worth it to my enterprise or to any of our customers. I download RH/Slack/BSD releases within days of availability and start putting them through their paces on test boxen. I do the same with MS products via my MSDN subscription. Working with both worlds all the time, I can't afford to bury my head in the sand and ignore the march of so-called progress or discount something just because it comes from Redmond.
I read the same tsarkon posts and info you did and what I gleaned from it was he installed it to do file-sharing and then proceeded to bash everything about the OS including what he didn't test or even understand in classic/. fashion and in a very uninformed manner.
You can bash Win2k DNS all you like but I have been running it production for two years for a number of complex domain trees and to also support a production AD (which interoperates just fine with my other LDAP servers, thank you) and I have found it to be quite stable. I am not stupid enough to let the AD servers talk DNS to the real world (use a DNS proxy locked down tighter than dick's hat band for that), but these are the kind of things you learn by actually USING a product rather than just clicking around a little and deciding it's inferior and not worth your time. BTW - maybe you're saying that there have been fewer serious BIND vulnerabilities than Win2K *DNS-specific* exploits? Umm, no.
As for IIS, if you're using it to serve up simple DB-bound web pages, again, you SHOULD be using Apache and pHp. IIS is not just the server version of PWS, dunghole. IIS is an application platform, not a simple web server. And that's not to say that Apache w/Jakarta or WebSphere or whatever else can't compete with that, because they definitely have their uses. But using the latest incarnations of IIS to work with windows-only application platforms is simply cheaper, faster and more extensible for large clients who have standardized on that homogeneous environment at both the client and the server. Notice I'm not defending that decision, I'm just telling you what it takes to stay competitive in the large contract RAD market, since you seem to not understand why anyone would even consider checking W2K3 out.
As for RRAS, it does what my org needs it to do and I don't have to buy/support another piece of hardware to do it. I'm sure an ISP would prefer another solution (understandably), but, then, I am not an ISP.
I really can't believe you even used the words "Solaris" and worse "Lotus" in the same paragraph with the word "service". Quarterly maintenance is not a good option when your users are down waiting for the fix or when a critical exploit needs attention. Patches come out when they have to not when they have been scheduled, moron.
I am certainly *not* a Microsoft-trained monkey, and I understand that many, many such creatures exist. Everything I know about MS I've learned from having to work with it. And I guarantee you I've had much more pain from their products than you have. But I have noticed a trend in their products improving in some areas, as much as I may disagree with their direction in others. I am not very interested in what is percieved as *cool*. If I were, would I be even arguing this with you on/.? Think about it. You sound like one of the folks that has to have a "clear winner" in the server category as opposed to realizing that it is a very broad field and one may smoke on some features but not on others. I would never limit my network to a single architecture like alot of our clients do. But then again, the reason our co
Any server product has its ups and downs. Why in the hell would you ues 2k3 for a SAMBA share? Jeez. If filesharing is all you're interested in, get a FREEDOS box and knock yourself out. You have little clue what you're talking about so I'm leaving it at that.
Has Caldera/SCO ever made a buck on anything they've made themselves (not bought from someone else)?
Why, oh, why did you let MS skate on the DR-DOS lawsuit? While it also was just another acquisition of yours, MS had really done wrong, and you were in the best position to do something about it. You could've made enough to float that boat of yours for ten years! And the DOJ case would've turned out very differently. I'm so glad my boss didn't follow my advice and buy your stock just before you settled.
I have not seen one post out here from someone who puts food on the table by publishing/distributing copyrighted material. So now you get to hear from one such person.
Filesharing is not illegal in general. Sharing files that are unauthorised copies of copyrighted works or sharing files in a manner which by violation of the agreement between the publisher and oneself invalidates any single user's fair use rights to their copy of a copyrighted work is fully illegal. Tired of you dolts muddying that issue. Quit that debate. I've ended it for you.
Now onto morals vs. morass -- the BMCs (read: Big Media Conglomerates) are dinosaurs and we (the consumer conglomerate) wish they would die already. True enough. Does that mean it is morally OK to lift the works of the artist who is stupid/unfortunate enough to be tied into the BMCs way of doing things? Absolutely not. If you like the artist enough and you want to see them off the corporate teat, I suggest contacting them and telling them why you didn't buy their merchandise. Maybe even GO TO A SHOW! (I know the geeks here don't get out much, but, if you like it that much, maybe you owe them that much.)
In a truly ideal situation, the artists don't owe the BMCs for producing their CDs and they can give the recorded material away, provided the fans SUPPORT THE SCENE! What everybody fails to realize is that concert tours, for all the pomp and all the hand-over-fist $$$ shelled out, make OTT (on-the-teat) artists nothing. The BMCs pay for them and operate them (you'll never believe this one, I sure don't) at a loss, so they say. But if you're an honest, hardworking band not OTT, then you play modest gigs at a modest venue and make an honest buck. You probably sell shirts and CDs and all manner of items off a table in the back, and you get by.
But some groups have expanded this enterprise (the Dead and Phish come to mind along with WSP, DMB, JID, others) enough to where they don't have to have a record deal to be successful. They may have a label back them from time to time, but it is because the label *begged* them and gave them such a sweetheart deal, it was hard to say no. More and more, a record deal does not mean success, it means failure and debt. Failure to attract a loyal crowd and sustain attendance at shows. Failure to organize efforts to market your merchandise. Failure to get traded in the word-of-mouth market to regional or national success. While hating the BMCs, you have to feel sorry for and respect the small returns of guys who are OTT (that is if you like their music), but convince them to wean themselves!
The secret is about how to produce good, reliable, useable software. The only ones from whom it is kept secret are apparently in your own poor-ass excuse for a development shop. The only good product you ever made -- err, bought -- was DR DOS and you sold it as soon as you got your petty settlemnt from BillG. I'll never forgive you for not stcking it to MS on that one. You were the only ones with a claim left standing to do it, even if it wasn't your creation. You could've made the DOJ case come out entirely different and made a fortune while you were at it. Instead, you took chump-change, tucked your tail and sold the product. For shame. Ransom Love indeed!
I have used SCO, both before and after you acquired it. It was and remains the bane of my existence as an admin. And OpenServer, please! OpenLinux, etc. -- all suckware! Please, everybody go back to Novell and focus all your energy on finally running that albatross the rest of the way into the ground. When you're done with that, see if you can buy the IP rights to Win9x from BillG. If you are selling it, I am sure all reasonable people everywhere will stop using it. What a service you could do the community.
On a more serious note, if any of your real IP has made it into the kernel, please, for god's sake point out precisely what it is so it can be promptly replaced with something that works!
We probably agree on alot, and you make some excellent points, but you have to recognize that much of it is as pertinent to GNU as to proprietary software. You also need to realize that just because a lUser doesn't know how to set an OS up doesn't mean the OS itself is any less secure (as opposed to the installation of the OS). Yes, Win9x and NT up until very late service packs sucked hard. Believe me, I had to admin a whole freakin lot of them.
No, I'm not saying there is a security equivalency between WinNT+ and your favorite BSD (I like NetBSD myself) -- I am saying that ultimately we really can't know beyond what is able to be hacked on either one of them. And at that point it gets a patch if the hacker wasn't blackhat, so it's just another vulnerability fixed.
I am also saying that yes, if you install OpenBSD, BIND, Apache, pHp, OpenSSL, OpenLDAP, VNCServer, SAMBA, etc., etc, on your box and don't keep up with the patches nor use any kind of enterprise-class network protection and/or monitoring/IDS systems in support, you will get abused fairly badly. Is that what you were asking, because that would fit the "ktichen sink" analogy I'm trying very hard to get across.
OTOH, I AM also saying there is a disparity, an inequity, if you will, that is less apparent and it is in the IQ of the user base. Windows admins and to a greater degree (if it is possible) are, by and large, complete dolts. And I'm among the group and I still say it. I say so because they WILL install the kitchen sink features of the newer Redmond OSes, never thinking about how you should secure any one of the services, let alone all of them.
Slashdot Mirror
Troglodite feces by itself is probably pretty innocuous. But if you were to mix it with SARS, I'd be willing to bet the combination would kick your ass. Slide down that scale, troll. Take your bitching to news://alt.my.pussy.hurts or similar.
Actually, wanker, I do have a programming tip... go do some instead of pestering folks who have work to do. I had never come across a pxe variant of GRUB and so I asked the question, as pxeLinux does most of what I need at my job, but I'm still not knocked out. I myself have gotten over the need to pretend there is nothing I don't know or can't learn from another. If you are so damned well-versed in everything, why the hell do you bother with /.? It's rarely entertaining, and it can't be very informative for someone with your gargantuan intellect and endless expertise. You must have very little to do indeed if this is your form of entertainment. As ever, I am serious.
BTW... I never said I don't program... I said I'm not a programmer, as in that is not what I get paid to do. Of course, by that criteria, you could claim you're not a wanker.
Oooh, pxeGRUB... do tell. I have been using syslinux/pxelinux, but I was kinda hoping the U in GRUB was not a misnomer. Sine I use GRUB on all my non-netbooting *Xs, I did want to use it for netbooting but hadn't found the way. I guess now that I have the names, I can google with the best of them. Thanks for helping out.
Hey, stop that! You're only supposed to trollhound me! I'm jealous... my wife won't fsck me anymore.
I'm not sure I get your point, fwad. That was exactly the point of my first post, so what's your argument with me, regurgitator? And I never said I "figured out" anything. I said some developers have to be bitch-slapped to stop doing it. Others have to be bitch-slapped for other various reasons, but I'm sure you can cite a list from personal experience far longer than any I can imagine. Four replies to a single post.... must've struck a nerve.
Oh one more thing, to answer your question... I work with...
...
YOUR MOTHER!
Oh, Tsarkon, my hero... I was so blind.
Seriously, though. I thought you'd given up on me. Thank God I was mistaken. It's so cute how you put your utterly baseless arguments and assumptions as to my intelligence, attitude, aptitude and skill in one AC post and your vain libel in another in the attempt to appear as two separate ACs. Truth told, you don't really even constitute a half poster, much less more than one.
Nice to know that I can put some bait out there and get you to waste some time in reply. The difference is I can troll you and still provide decent enough conversation/info to be worth something to the whole discussion.
No, I don't profess to be a coder. I went into systems to avoid any coding that requires thinking above the scripting level. That's just it. I'm amazed that some folks who base their entire livelihood on their ability to design and implement applications have so little a clue of how to do it.
You imply your own system architecture understanding and application design skillz are at least competent by attempting to impugn mine. Well, then you should think a little harder, buggar. Just creating an SSL session to keep your info safe on the wire doesn't begin to mitigate the problem with this exploit (um, geez, that's such an official word for what in this case boils down to URL-tampering... I thought enough work went into web app design today that URL-tampering was an extinct attack vector). That was my whole point earlier. Any idiot who can examine the hyperlink can imagine the attack method, So just observing normal operation within the app itself is enough to figure out that this is wider open than your pouting rictus in the proximity of the PFY.
You want code samples? There's nothing I do in any of my code that isn't easily derived from a five-minute google for whatever it is you're trying to do. You want some enlightening secrets about the super-secret world of locking down a server? Sorry, all I have is what's freely available from the usual sources, you know, bugtraq, the NSA, honeynet discussion lists, etc. No magic bullets. You caught me. What a fraud I've perpetrated.
I don't know where you get off trying to paint me as some kind of Steve Gibson or the like, but it sure is funny to watch you fail at cogent sentience in the process. I swear, when you get all worked up, it's like watching de-volution at work. Are we not men? The difference between your motivation and mine for carrying on this converstion is this... You do it just to antagonize me, but I actually believe there is hope for you one day to look at something more open-mindedly than you currently do. You egg me on because you believe my kind will never change. I reply becuase I retain hope that yours one day will. That's the beauty in the Dawn of Man... it happens every day somewhere. And once it happens to you, you can make it happen over and over for others.
Fortunately for me, the boss and the two major PMs have learned to take me seriously on the subject. The boss just knows what he sees when the systems get audited; the PMs know it because they used to be core developers and I helped them fix the holes that got shot in their app designs.
My problem is with some of the developers that have come in since that time to fill the slots left open as these two guys moved up to PMs and the projects expanded at the same time. What you end up with is twice as many folks working at the code level with half as much understanding of where the projects began, their roots. That's where a lot of bad decisions get made. And a lot of these new developers know how to make code do the basic stuff, but they don't have the knack for application design that the original architects did. And they think the only folks on par to tell them what their code should or shouldn't do (or even how to validate that it does operate as expected while developing) are the PMs or The Boss. Like I said, it is lucky for me those individuals listen to me now. Many of my disagreements with these dev guys have ended up nearly in fisticuffs, and they are much bigger than I am. And there's a lot of them compared to just me.
No, you're right on. We agree to the letter. Obscuring by naming is not security. Obscuring by hiding it in the header is not security. And any serious malevolent is sniffin' ya or otherwise intercepting your transmissions to understand where to find what he wants of your data before he ever tries an exploit in a browser, telnet client, or even a custom app designed specifically to generate exactly the kind of packets your app expects to see. When I said "at least have the decency to..." I guess I should've prepended with "there is never a time when you should, but..."
In a more general sense, what I was saying was "at least make 'em analyse packets to figure it out, don't let any dumbass who knows how to hover a link or "view > source" tell you how stupid you are. At least put up some kind of fight. Many of the coders here have had to be browbeaten about this. Some of them argue "My job is just to make this work. You make it secure." I have to make them understand that nothing can secure bad code. Sometimes I have to all but rewrite their code (or worse, redesign the app flow) to show them what's secure. And half the time, they come back and ask "OK, why is that better? My way is easier."
I'm serious. Developers who really take security seriously to the extent that they design it into the app as opposed to "spray it on" after the fact are rare in the commercial world, unless they are working on products/projects that are specifically security-related. No one else seems to get it and they think it is infrastructure's job to make the insecure app secure. Good admins are so underpaid...
I usually stand up for the Redmond boys if there's some bashing going on and not alot of balance to the issue. But this is just an incredibly stupid hole to have open. Why would you ever, ever, ever pass details in the URL string that the user himself need not (and should not be allowed to) supply? If it is because you are passing it among servers in some fancy-schmancy web service scheme, then at least have the decency to hide the exploitable name/value pair in an http header or something (but even this should not be necessary for what they are doing , even if my guess as to how their backend works is wayyy offbase). Somebody said it earlier in the discussion that it is because developers (using the term lightly) add features without thinking of how to do it right and how to do it securely and just pass any old thing in the URL string, and they were right on the mark.
Some coders (again using the term loosely) at my organization used to do this absolutely all the time and I would bitch about how piss poor it was from a security angle (and regularly demonstrate how easy it was to circumvent the intended "security" mechanisms). Everybody laughed at me when I did... that is until one of our largest customers hired an outside firm to audit the "security" of the apps they were getting. It took the firm very little time to discover these nuggets, of course. It is interesting to note that they reported that the application security was among the poorest they had seen, but that the server configurations (my department) were among the tightest. The sad thing is the stupid customer basically thought the two canceled each other out, threw some extra money at redesigning the application to meet the standards it should have to begin with, rewarded our systems team which had done it right the first time with absolutely squat, and renewed the contract for another five years. Shows you how much the corporate world understands what's really going on.
Hey... thanks for using the proper term. Today, all the S/W-only n00bs all think it is vocoRder just because the plugin makers didn't use the proper vernacular. The original effect was produced by what was called a vocoder. It should be noted that the obvious pitch-shifting was the *desired* effect. Similar in some respects to how one used the "talk box" to turn the shape of the oral cavity into a parametric EQ sweep for the output of a guitar amp, then fed into a vocal mic. Nice to know someone out there remembers the good ol' days.
Troll, I don't know what I did to piss in your cornflakes, but please tell me so I can script it and do it every ten minutes. Go away and if you come back, I dare you to post as yourself.
Stop chasing my posts, fuckwad.
I'll bet your condo already has cable run to all the rooms. DIY cable broadband might be much less trouble. For more info, try here
And better yet, do I have to live in Va. to benefit, or does my inconvenient mail just need to make a hop there?
AC: I recognize you and your bait. Get an accont, fer cryin' out loud.
OMFG, LOFL & ROTF! Yes, I actually read it all and the mirth was the worth. Thank you, AfC, for demonstarting that you have the aptitude to commit the same verbicide of which you accuse me but of which you offer no evidence and of which none can I find. If you want anyone to take you seriously (and that would be a very high ambition for you, maybe unrealistic), try posting with some identity and get back to the discussion at hand. BTW anyone can get transciptions of the minutes from their local demagoguery's meetings and do find and replace; that does not equal original thinking or speaking. But it is one way to learn the language. FOAD.
You imply a disparity in your years of experience and mine and I do not doubt that. Judging from the maturity level of your posts, you don't have as many years breathing as I have of industry experience.
Say what you want about Lotus, but I will never use it again. And yes, that implies I have before. Solaris has generally performed well for me... it's just the on-again, off-again attitude towards x86 that makes me leery of ongoing support from Sun.
You assume you make more than me, and maybe you do (there's alot of people paying too much for too little out there) but you really shouldn't assume it because you are likely wrong. It matters not though, because I am secure in my career and my craft. You also assume I don't have a consulting biz of my own or "can't get a client". Whatever. If you feel it necessary to carry on this bullshit troll, go ahead. You're in my killfile.
Actually, you are off-base in places and off in others.
/. fashion and in a very uninformed manner.
/.? Think about it. You sound like one of the folks that has to have a "clear winner" in the server category as opposed to realizing that it is a very broad field and one may smoke on some features but not on others. I would never limit my network to a single architecture like alot of our clients do. But then again, the reason our co
Of course I'm not using something that went gold (and that's MS's definition of gold, so take the grain of salt because you know ymmv) weeks ago in a production environment. I'm lazy, not stupid.
No, I'm not a Tom/Kyle/Anand type, but I do have to keep on top of the latest OS releases. I do have to evaluate the pros and cons of each release and figure out if it is worth it to my enterprise or to any of our customers. I download RH/Slack/BSD releases within days of availability and start putting them through their paces on test boxen. I do the same with MS products via my MSDN subscription. Working with both worlds all the time, I can't afford to bury my head in the sand and ignore the march of so-called progress or discount something just because it comes from Redmond.
I read the same tsarkon posts and info you did and what I gleaned from it was he installed it to do file-sharing and then proceeded to bash everything about the OS including what he didn't test or even understand in classic
You can bash Win2k DNS all you like but I have been running it production for two years for a number of complex domain trees and to also support a production AD (which interoperates just fine with my other LDAP servers, thank you) and I have found it to be quite stable. I am not stupid enough to let the AD servers talk DNS to the real world (use a DNS proxy locked down tighter than dick's hat band for that), but these are the kind of things you learn by actually USING a product rather than just clicking around a little and deciding it's inferior and not worth your time. BTW - maybe you're saying that there have been fewer serious BIND vulnerabilities than Win2K *DNS-specific* exploits? Umm, no.
As for IIS, if you're using it to serve up simple DB-bound web pages, again, you SHOULD be using Apache and pHp. IIS is not just the server version of PWS, dunghole. IIS is an application platform, not a simple web server. And that's not to say that Apache w/Jakarta or WebSphere or whatever else can't compete with that, because they definitely have their uses. But using the latest incarnations of IIS to work with windows-only application platforms is simply cheaper, faster and more extensible for large clients who have standardized on that homogeneous environment at both the client and the server. Notice I'm not defending that decision, I'm just telling you what it takes to stay competitive in the large contract RAD market, since you seem to not understand why anyone would even consider checking W2K3 out.
As for RRAS, it does what my org needs it to do and I don't have to buy/support another piece of hardware to do it. I'm sure an ISP would prefer another solution (understandably), but, then, I am not an ISP.
I really can't believe you even used the words "Solaris" and worse "Lotus" in the same paragraph with the word "service". Quarterly maintenance is not a good option when your users are down waiting for the fix or when a critical exploit needs attention. Patches come out when they have to not when they have been scheduled, moron.
I am certainly *not* a Microsoft-trained monkey, and I understand that many, many such creatures exist. Everything I know about MS I've learned from having to work with it. And I guarantee you I've had much more pain from their products than you have. But I have noticed a trend in their products improving in some areas, as much as I may disagree with their direction in others. I am not very interested in what is percieved as *cool*. If I were, would I be even arguing this with you on
Mod this troll all the way down.
Any server product has its ups and downs. Why in the hell would you ues 2k3 for a SAMBA share? Jeez. If filesharing is all you're interested in, get a FREEDOS box and knock yourself out. You have little clue what you're talking about so I'm leaving it at that.
Has Caldera/SCO ever made a buck on anything they've made themselves (not bought from someone else)?
Why, oh, why did you let MS skate on the DR-DOS lawsuit? While it also was just another acquisition of yours, MS had really done wrong, and you were in the best position to do something about it. You could've made enough to float that boat of yours for ten years! And the DOJ case would've turned out very differently. I'm so glad my boss didn't follow my advice and buy your stock just before you settled.
What color's your parachute?
I have not seen one post out here from someone who puts food on the table by publishing/distributing copyrighted material. So now you get to hear from one such person.
Filesharing is not illegal in general. Sharing files that are unauthorised copies of copyrighted works or sharing files in a manner which by violation of the agreement between the publisher and oneself invalidates any single user's fair use rights to their copy of a copyrighted work is fully illegal. Tired of you dolts muddying that issue. Quit that debate. I've ended it for you.
Now onto morals vs. morass -- the BMCs (read: Big Media Conglomerates) are dinosaurs and we (the consumer conglomerate) wish they would die already. True enough. Does that mean it is morally OK to lift the works of the artist who is stupid/unfortunate enough to be tied into the BMCs way of doing things? Absolutely not. If you like the artist enough and you want to see them off the corporate teat, I suggest contacting them and telling them why you didn't buy their merchandise. Maybe even GO TO A SHOW! (I know the geeks here don't get out much, but, if you like it that much, maybe you owe them that much.)
In a truly ideal situation, the artists don't owe the BMCs for producing their CDs and they can give the recorded material away, provided the fans SUPPORT THE SCENE! What everybody fails to realize is that concert tours, for all the pomp and all the hand-over-fist $$$ shelled out, make OTT (on-the-teat) artists nothing. The BMCs pay for them and operate them (you'll never believe this one, I sure don't) at a loss, so they say. But if you're an honest, hardworking band not OTT, then you play modest gigs at a modest venue and make an honest buck. You probably sell shirts and CDs and all manner of items off a table in the back, and you get by.
But some groups have expanded this enterprise (the Dead and Phish come to mind along with WSP, DMB, JID, others) enough to where they don't have to have a record deal to be successful. They may have a label back them from time to time, but it is because the label *begged* them and gave them such a sweetheart deal, it was hard to say no. More and more, a record deal does not mean success, it means failure and debt. Failure to attract a loyal crowd and sustain attendance at shows. Failure to organize efforts to market your merchandise. Failure to get traded in the word-of-mouth market to regional or national success. While hating the BMCs, you have to feel sorry for and respect the small returns of guys who are OTT (that is if you like their music), but convince them to wean themselves!
Hey, sleepy:
At last check, Win2K had just passed SP3.
Thank you for helping people understand this. It's (the mispunctuation of "its") one of my pet grammatical peeves.
Google itself seems to feel the /. effect.
TO: Caldera/SCO
The secret is about how to produce good, reliable, useable software. The only ones from whom it is kept secret are apparently in your own poor-ass excuse for a development shop. The only good product you ever made -- err, bought -- was DR DOS and you sold it as soon as you got your petty settlemnt from BillG. I'll never forgive you for not stcking it to MS on that one. You were the only ones with a claim left standing to do it, even if it wasn't your creation. You could've made the DOJ case come out entirely different and made a fortune while you were at it. Instead, you took chump-change, tucked your tail and sold the product. For shame. Ransom Love indeed!
I have used SCO, both before and after you acquired it. It was and remains the bane of my existence as an admin. And OpenServer, please! OpenLinux, etc. -- all suckware! Please, everybody go back to Novell and focus all your energy on finally running that albatross the rest of the way into the ground. When you're done with that, see if you can buy the IP rights to Win9x from BillG. If you are selling it, I am sure all reasonable people everywhere will stop using it. What a service you could do the community.
On a more serious note, if any of your real IP has made it into the kernel, please, for god's sake point out precisely what it is so it can be promptly replaced with something that works!
You're missing my point and reading me wrong too.
We probably agree on alot, and you make some excellent points, but you have to recognize that much of it is as pertinent to GNU as to proprietary software. You also need to realize that just because a lUser doesn't know how to set an OS up doesn't mean the OS itself is any less secure (as opposed to the installation of the OS). Yes, Win9x and NT up until very late service packs sucked hard. Believe me, I had to admin a whole freakin lot of them.
No, I'm not saying there is a security equivalency between WinNT+ and your favorite BSD (I like NetBSD myself) -- I am saying that ultimately we really can't know beyond what is able to be hacked on either one of them. And at that point it gets a patch if the hacker wasn't blackhat, so it's just another vulnerability fixed.
I am also saying that yes, if you install OpenBSD, BIND, Apache, pHp, OpenSSL, OpenLDAP, VNCServer, SAMBA, etc., etc, on your box and don't keep up with the patches nor use any kind of enterprise-class network protection and/or monitoring/IDS systems in support, you will get abused fairly badly. Is that what you were asking, because that would fit the "ktichen sink" analogy I'm trying very hard to get across.
OTOH, I AM also saying there is a disparity, an inequity, if you will, that is less apparent and it is in the IQ of the user base. Windows admins and to a greater degree (if it is possible) are, by and large, complete dolts. And I'm among the group and I still say it. I say so because they WILL install the kitchen sink features of the newer Redmond OSes, never thinking about how you should secure any one of the services, let alone all of them.